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Abstract. We present the proof of Diophantus' 20th problem (book VI 
of Diophantus' Arithmetica) , which consists in wondering if there exist 
right triangles whose sides may be measured as integers and whose sur- 
face may be a square. This problem was negatively solved by Fermat in 
the 17th century, who used the wonderful method (ipse dixit Fermat) of 
infinite descent. This method, which is, historically, the first use of in- 
duction, consists in producing smaller and smaller non-negative integer 
solutions assuming that one exists; this naturally leads to a reductio ad 
absurdum reasoning because we are bounded by zero. We describe the 
formalization of this proof which has been carried out in the Coq proof 
assistant. Moreover, as a direct and no less historical application, we also 
provide the proof (by Fermat) of Fermat's last theorem for n = 4, as well 
as the corresponding formalization made in Coq. 



1 Introduction 

Diophantus of Alexandria (c. AD 250) was a Greek mathematician whose life is 
little known but who wrote the 13 books of a collection called Arithmetica [13] . 
Diophantus is usually considered to be the father of Algebra, and his books 
consider more than 130 problems (most of which have been solved) of first and 
second order leading to equations whose roots are either integer or fractional. 
Until 1972, only 6 books of this collection had been retrieved (in the 15th cen- 
tury in Italy by Regiomontanus) when 4 other books were found in Iran. The 
collection was translated in the 16th century by Wilhelm Holtzmann (also known 
as Xylander) at Heidelberg (in Germany) and completed (in France) in Latin 
by Claude-Gaspard Bachet De Meziriac. Diophantus' work had a significant in- 
fluence on Arabic mathematicians but also on western (and essentially French) 



mathematicians like Viete and Fermat. In the 17th century, reading Bachet's 
translation (now lost) of book VI (related to propositions over right triangles 
whose sides are measured as integers), Pierre Simon de Fermat (1601-1665) [4 J 
was interested, amongst others, in the following problem (20th problem): can 
a right triangle whose sides are measured as integers have a surface measured 
as a square? Formally, this is equivalent to knowing if there exist four non-zero 
integers x, y, z and t s.t.: 

x 2 + y 2 = z 2 and xy = 2t 2 . 

We know that the first equation has an infinity of solutions (for example, 3, 
4 and 5, etc), called Pythagorean triples (f° r they measure the sides of a 
right triangle and verify Pythagoras' relation), but with the condition over the 
surface the problem is a little more difficult so that Fermat answered this ques- 
tion negatively ^l] using a wonderful method (the word was applied by Fermat 
himself): the infinite descent |4I21I10| . This method is based on the fact that 
there does not exist any strictly decreasing non-negative integer sequence. Thus, 
starting from a lemma characterizing Pythagorean triples, Fermat's idea consists 
in re-expressing the problem with (strictly) smaller non-negative integers. More 
precisely, Fermat concludes his proof as follows (quotation of the original text 
in modern French): 

Si on donne deux carres dont la somme et la difference sont des carres, on 
donne par la mime, en nombres entiers, deux carres jouissant de la mime 
propriete et dont la somme est inferieure. 

Par le mime raisonnement, on aura ensuite une autre somme plus petite que 
celle deduite de la premiere, et en continuant indefiniment, on trouvera tou- 
jours des nombres entiers de plus en plus petits satisfaisant aux mimes con- 
ditions. Mais cela est impossible, puisqu'un nombre entier etant donne, il ne 
peut y avoir une infinite de nombres entiers qui soient plus petits. 

which means that given two squares m 2 , n 2 s.t. m 2 + n 2 and m 2 — n 2 are 
also squares, we can find two squares m' 2 , n' 2 with the same properties s.t. 
m' 2 + n' 2 < m 2 + n 2 . Re-applying the process infinitely, we always find smaller 
non-negative integers (w.r.t. m 2 + n 2 ), which is impossible because we are 
bounded by zero. 

This proof is worth being formalized in a theorem prover for several reasons. 
First, this is a nice mathematical proof in the sense that it is rather short (with- 
out, nonetheless, being trivial) and uses an original method (infinite descent). 
Actually, it can be shown that the descent is equivalent to Noetherian induction 
and even if it is difficult to consider induction reasoning as original these days, 
it is more the expression of this induction (making it possible to establish uni- 
versally false propositions) which is interesting here (this method has not been 
greatly formalized or even used in deduction systems). This provides an addi- 
tional interest to Fermat's proof and to this work since this is the first use of 
induction in the history of Mathematics. Moreover, beyond the fact that adding 



this new theorem contributes a little more to the formalization of Mathematics 
on a computer, the true challenge is certainly the development of the application 
of the method itself (which can vary widely from one problem to another 1 ). Fi- 
nally, this proof has a high re-use potential. Fermat's last theorem [1712111 6 10J 
(there do not exist non-zero integers x, y and z s.t. x n + y n = z n for n > 2) 
can be easily deduced for n = 4 (also proved by Fermat) from the proof of 
Diophantus' 20th problem and we also provide the proof in this paper as well 
as its formalization. Infinite descent is also used to prove Fermat's last theo- 
rem for n = 3 (probably first proved by Fermat and later by Leonhardt Euler 
and Karl Friedrich Gauss independently), n = 5 (proved by Adrien-Marie Leg- 
endre and Lejeune Dirichlet using Sophie Germain's work), n = 7 (proved by 
Gabriel Lame) and n = 14 (proved by Dirichlet). More generally, as claimed 
in j2l], the infinite descent method is the method par excellence in number the- 
ory and in Diophantine analysis in particular. 

As a theorem prover, we chose to use the Coq proof assistant QB] (V8.0). 
Despite the fact that Coq is usually not considered to be one of the most 
mathematician-friendly theorem provers (essentially due to its proof style, i.e. 
the proofs are expressed in a procedural way which may seem unnatural for 
mathematician users, and probably a not high enough level of automation, i.e. 
the system may be, in some cases, not strong enough to deduce automatically 
theorems from others whereas it seems rather easy to do so by hand) , our choice 
was motivated both by recent improvements regarding concrete syntax, in par- 
ticular for arithmetic, and by a fairly sufficient degree of automation for the 
problem we wanted to formalize (actually, only ring simplifications were needed 
in our development). 

In this paper, we present an informal (but rigorous) sketch of Fermat's proofs 
for Diophantus' 20th problem and Fermat's last theorem for n — 4, as it would be 
described in a usual Mathematics book. Next, we give details regarding the for- 
malization of this proof emphasizing the difficult points (essentially the lemmas 
related to Pythagorean triples and the descent) and the solutions we provided. 

2 Mathematical proof sketch 

As said in the introduction, we want to prove that there do not exist right 
triangles whose sides are measured as integers and the surface as a square. This 
means that there do not exist four non-zero natural numbers (the theorem is 
also true for integers) x, y, z and t s.t.: 

x 2 + y 2 = z 2 and xy = 2t 2 . 

The proof starts looking for a characterization of Pythagorean triples, i.e. 
the set of triples of natural numbers x, y and z verifying x 2 + y 2 = z 2 . 

1 For example, using this method to prove Fermat's last theorem for n — 4 may be 
considered as rather elementary, whereas the proof of Leonhardt Euler for n = 3 
ruins any hope, for Christian Goldbach (his friend and boss), of using such a method 
to find a general proof for this theorem. 



In the following, IN denotes the set of natural numbers (considering that 
£ IN), i.e. the set of non-negative integers, and DM* is the set of natural numbers 
except 0, i.e. the set of positive integers. 

2.1 Pythagorean triples 

Historically, Pythagorean triples (also called Pythagorean triads) were studied 
by Euclid of Alexandria in his Stoicheion 14] (The Elements). But, as can be seen 
in j2U, a Babylonian tablet (Plimpton 322; c. BC 1900-1600) already contained 
the computation of fifteen Pythagorean triples, which tends to prove that such 
triples were at least known long before Euclid and may even have been calculated 
according to some rules. The set of Pythagorean triples can be characterized by 
theorem below. The proof, we provide, uses a geometrical point of view and 
consists in locating the rational points of the unit circle. This proof is described 
in [S] and is far different from the usual proofs that can be found in [$] or |16j . 

Theorem 1 (Pythagorean triples). Let S be the set of Pythagorean triples 
and defined as S — { (a, b, c) | a, b, c £ IN and a 2 + b 2 = c 2 }. Let T be the set 
defined as follows: 

T = { (m(q 2 — p 2 ), 2mpq, m(p 2 + q 2 )), 

{2mpq, m(q 2 -p 2 ),m(p 2 + q 2 ))\ m,p £ IN, q £ N*,p < q, 

p and q relatively prime, 
p and q have distinct parities}. 

Then S = T. 

Proof. We denote C = {(x, y) £ R 2 |x 2 + y 2 — 1}, the unit circle and, for r £ R, 
D r = {(x, y) £ R 2 |y = r(x + 1)}. The proof is made in 6 steps: 

Step 1: given a Pythagorean triple (a, b, c), which is not (0,0,0), there exists 
a corresponding point (-, of the unit circle. As c > 0, we can divide by c 2 : 
(f) 2 + (c) 2 = •"■! wn ich verifies the unit circle equation. Conversely, given a point 
-) of the unit circle, there exists an infinity of corresponding Pythagorean 
triples (ma,mb,mc), for m £ DM. We have (-) 2 + (-) 2 = 1 and we can multiply 
by m 2 c 2 obtaining: (ma) 2 + (mb) 2 = (mc) 2 . 

Step 2: the set C C\ D r has two points. To find these points, we have to solve 
the following system: 




(1) 



Thus, x must be solution of the following equation: 



(1 + r 2 )a; 2 + 2r 2 .x + r 2 - 1 = 



1 _ 2 

The solutions are — 1 and . Using the second equation of (Qjl , we obtain 

the two solutions {(—1, 0); (jrf? ! jr^r)}- We notice that the second point is non- 
negative for < r < 1. 

Step 3: now, given M € C, we can show that the coordinates of M are rational 
iff there exists a rational r s.t. Me CD D r . First, let us suppose that we have 
reQ with M G C H -D r . We have two possibilities: either M = (—1, 0), which 
is trivially rational, or M = (jt^,jt^), where the coordinates are rational 
fractions (quotients of polynomials) in r € (Q, thus also in Q. 

Conversely, let us suppose the coordinates (x, y) of M are rational. We have 
two cases: either M = (—1,0) and M is in M G C (1 D r , for all r £ (Q, or else 
(—1,0) and we take r = (which is a rational), M is in C by hypothesis 
as well as in D r by construction of r. 

Step 4: the points of C with non-negative rational coordinates are given by the 
set {(j^, if-pr)}, with r e <Qn [0; 1] (steps 2 and 3). Taking r = |, with p G DM, 
5 G DM*, p < q and p, g relatively prime (irreducible fraction), the set of points 
of C with non-negative rational coordinates is the following: 

W = {(-^ -r. r)|p G DM, g G DM*,p < q,p and <? relatively prime} 

Step 5: It is not possible to derive a characterization of Pythagorean triples 
from W because the rational points of the unit circle must be expressed with 
irreducible fractions. Hence, let us consider the set W' defined as follows: 

w' — / (9—zpL 2 pi \ ( 2 pi i 2 -p 2 \ 1 

l \p 2 +q 2 ' p 2 +g 2 /' \p 2 +q 2 ' p 2 +q 2 ^ I 

pG DM,9G DM*,p < q, p and q relatively prime, 

p and q have distinct parities} 

Let us show that W = W. First, let us consider the inclusion W C W: 

2 _ 2 o 

given a point x = ( ^ 2+ ^ , pt+'q* ) ^ ^> smce P an d 9 are relatively prime, either 
p and g have distinct parities, or they are both odd. In the former case, we have 
trivially x G W. In the latter case, let us look for p' and q' s.t.: 

q 2 -P 2 = 2pV ^ d 2p g = q' 2 - p' 2 

p 2 + q 2 p l2 + q l2 an p 2 + q 2 p /2 + q l2 ( > 

which leads to the solutions p' = and q' = _ These solutions are both 
integers since p and q are both odd. We have p' + q' — q and q' — p' = p; since p 
and q are relatively prime, p' and q' are relatively prime (knowing that if m + n 
and to — n are relatively prime then m and n are relatively prime) . Since p and 
q are both odd, we have p = 2k + 1, q = 2fe' + 1 and we obtain p' = fc' — fc, 
g' = k + k' + 1. Considering all the cases w.r.t. the parities of k and k', we easily 
verify that p' and g' have distinct parities. Thus, x G W. 



Conversely, let us prove the inclusion W C W. Given a point x € W, either 
x = (§rq^2 , $$pr) or x = (j^2, fr^2 )• In the former case, x is trivially in W. 
In the latter case, we have to solve the system (pj, which leads to the solutions 
p' = q — p and q' = p + q. These solutions have distinct parities (using the condi- 
tions over p and q together with proposition in subsection 12, 2J1 , Thus, x S W 
and we have shown that W = W, 

Step 6: We have to show that S = T. Given (a, b, c) e S, (|, |) is a point of 
C (step 1), which can be written as (fjnfjz, jlf^r) or (^pr , §2^2) (step 5). 
The two fractions 9 and p a^2 are irreducible (because p and 5 are rela- 
tively prime and have distinct parities) , so c is a multiple of p 2 + q 2 . Setting 
c = m(p 2 + q 2 ), we obtain the triple (a, b, c) = (m(q 2 — p 2 ), 2mpq, m(p 2 + q 2 )) or 
(a, 6, c) = (2mp7, m(q 2 - p 2 ), m(p 2 + q 2 )). Thus, S C T. 

Given a triple (a, 6, c) € T, either (a, 6, c) = (m(q 2 —p 2 ), 2mpq, m(p 2 + q 2 )) or 
(a, 6,c) = (2mpq,m(q 2 —p 2 ),m(p 2 +q 2 )). In both cases, we only have to verify 
that we have a Pythagorean triple (by computation), i.e.: 

(m(q 2 — p 2 )) 2 + (2mpq) 2 = (2mpq) 2 + (m(q 2 — p 2 )) 2 

= m 2 {q i +p A - 2p 2 q 2 + Ap 2 q 2 ) 
= m 2 (p 2 + q 2 ) 2 = (m(p 2 + q 2 )) 2 

Thus, T C S and we have shown that T = S. 
2.2 Infinite descent 

For this proof, which is an application of the infinite descent method |4l21llf)| , 
we essentially used [H], but it is also described in [HJ1- This proof can also be 
found in jH] and JSj, integrated into the proof of Fermat's last theorem for n = 4. 
Using theorem we can express the surface of the right triangle as: 

^ = k 2 pq{q 2 -p 2 ) (3) 

with k,p £ IN, q € IN*, p < q, p, q are relatively prime and have distinct 
parities. 

Thus, Diophantus' 20th problem is equivalent to asking: 
Can pq(q 2 — p 2 ) be a square? 

Preliminaries Here are some preliminary propositions (related to properties 
regarding relatively prime integers and squares) we will have to use when building 
the infinite descent proof (to save space, we do not provide the proofs of these 
rather basic notions): 



Proposition 1. Given m, n £ IN s.t. n < m, if m, n are relatively prime and 
have distinct parities then m + n and m — n are relatively prime. 



Proposition 2. Given to, n € IN s.t. n < m, if to, n are relatively prime then 
m 2 , n 2 are relatively prime and m, n, m 2 — n 2 are relatively prime. 

Proposition 3. Given m.n S IN, if m 2 , n 2 are relatively prime then to, n are 
relatively prime. 

Proposition 4. Given the sequence (u n ) over IN, ifuQ,u\, ...,u n are relatively 
prime and uq x u\ x . . . x u n is a square then Uo, u\, . . . , u n are squares. 

We also recall Gauss's theorem (we do not give the proof again because this is 
quite an usual theorem, which, in particular, is already part of the Coq standard 
library): 

Theorem 2 (Gauss's theorem). Given a, b € IN, if d divides ab and if a, d 
are relatively prime then d divides b. 

To make the dependencies between the previous propositions and theorems 
clear, it should be noted that proposition and theorem are also (implic- 
itly) used in the proof of theorem whereas theorem [2 is used in the proof of 
proposition ^ 

Proof of Diophantus' 20th problem We start by assuming that pq(q 2 — p 2 ) 
is a square. Propositions El and 21 allow us to claim that p, q and q 2 — p 2 are 
squares. Let us have q = m 2 , p = n 2 and q 2 — p 2 = r 2 . Thus, we obtain: 

2 2 2 4 4 / 2 , 2\/ 2 2\ /i\ 

r = q — p = m — n = [ra + n ){m — n ) (4) 

We have: 

— m 2 + n 2 and m 2 — n 2 are odd because p and q have distinct parities; 

— to and n are relatively prime (proposition 0); 

— to 2 + n 2 and to 2 — n 2 are relatively prime (proposition 

As (to 2 + n 2 ){m 2 — n 2 ) is a square, there exist (proposition ^ two natural 
numbers u and v s.t.: 

2,2 2 j 2 2 2 /"e^ 

to + n = u and to — n — v (5) 

But, u 2 = q + p and v 2 = q — p. Then, u and v are odd and are relatively 
prime. Moreover, u 2 — v 2 = (u + v)(u — v) — 2n 2 and u + v, u — v are even 
(divisible by 2). If d is a common prime divisor of u + v and u — v then d 
divides 2u and 2v (by addition and subtraction) . If d > 2 then d divides u and v 
(theorem El : this leads to a contradiction because u and v are relatively prime. 
Thus, gcd(w + v, u — v) =2. 

However, the product of two even numbers is divisible by 4. So, exactly one 
of u + v and u — v is a multiple of 4. Let us assume that u — v is a multiple of 
4: we have u — v — 4s and u + v = 2w, with s, w relatively prime and w odd. 
Then we obtain: 

(it + v)(u — v) = 8sw — 2n 2 and next: n 2 — Asw ( — ) 2 = sw 



The numbers s and w are relatively prime and then s and w are squares 
(proposition . Thus, we have: 



U-v = 4a 2 , u + v = 2b 2 , v = b 2 - 2a 2 

Next: 

n 2 = 4a 2 6 2 and using ©: m 2 = n 2 + v 2 = b 4 + 4a 4 

Writing m 2 = b 4 + 4a 4 means that (b 2 ,2a 2 ,m) is a Pythagorean triple (we 
can remark that if we assume that u + v is the multiple of 4, we have the same 
values for m and n). We can express this triple as described by theorem and 
observing that b 2 is odd (for u and v are relatively prime) : 

(b 2 , 2a 2 , m) = {k'{q 12 p' 2 ), 2k'p'q', k\p' 2 + q' 2 )) 

It is necessary that k' = 1 since b 2 and 2a 2 are relatively prime (for u and v 
are relatively prime) and we have: 

1.2 12 12 2 II 

b i = q — p , a = p q 

Finally, for the same reason, p' and q' are also relatively prime. As p'q 1 
and {p' + q')(q' — p 1 ) are squares, p' , q' , p' + q' and q' — p' are also squares 
(proposition 31 . Setting q' — m 2 and p' — n 2 , we are back to the initial point: 
looking for m 2 and n 2 whose addition and subtraction must be squares implies 
looking for m' 2 and n' 2 with the same property. But we have m' 2 + n' 2 < m 2 + n 2 : 

m' 2 + n 12 =q'+p' = , f n < b 2 < b 2 + 2a 2 < (b 2 + 2a 2 ) 2 = m 2 + n 2 

{q -p) 

We can restart the reasoning and we will always find strictly smaller non- 
negative integers (not w.r.t. m and n but w.r.t. m 2 + n 2 ) verifying the same 
conditions. However, this leads to a contradiction because there does not exist 
an infinity of smaller non-negative integers (bounded by 0) . This reasoning was 
called infinite descent by Fermat. Thus, pq{q 2 — p 2 ) cannot be a square and 
Diophantus' 20th problem has no solution. 



2.3 Application: Fermat's last theorem for n — 4 

From the proof of Diophantus' 20th problem, we can deduce quite directly the 
proof of Fermat's last theorem for n — 4, i.e. there do not exist three non-zero 
natural numbers x, y and z s.t. x 4 + y 4 — z 4 . Regarding this proof, we essentially 
used [E], but it can be also found in ^H], and [16] . 

As previously (for Diophantus' 20th problem), the idea is to deduce a con- 
tradiction and the proof starts by assuming that there exist x,y,z £ IN* s.t.: 

x 4 + y 4 = z 4 (6) 

We can assume that y and z are relatively prime. Otherwise if d is the gcd 
of y and z, then y = dy' , z — dz' and we have: 

z 4 -y 4 = d\y' 4 -z' 4 )=x 4 



Thus, d divides X and if x — dx' then we have to prove: 



which is the initial equation © with y' and z' relatively prime. 

We can also assume that y and z have distinct parities. First, y and z cannot 
be both even because we have just assumed that they are relatively prime. Next, 
let us show that y and z can be supposed not to be both odd. Equation © can 
be written as follows: 

(x*y + ( y r = (z 2 ) 2 

Thus, (x 2 ,y 2 ,z 2 ) is a Pythagorean triple. As a consequence of theorem 
one of the numbers x 2 and y 2 is even (of the form 2mpq) . By symmetry of T, 
we can assume that y 2 is even (otherwise we have to permute the role of x and 
y: we can show that x and z are also relatively prime and we apply the same 
reasoning which follows) . In this way, x 2 and z 2 are both odd (divided by an odd 
to); otherwise, they are both even (divided by an even m) which contradicts the 
assumption that y and z are relatively prime. So, we can assume that y 2 and z 2 
have distinct parities, as well as y and z. 

Moreover, equation © is equivalent to: 

4 4 ( 2 i 2\t 2 2\ 4 I 2\2 

z -y =(z +y ){z - y ) = x = (x ) 

This new equation shows that the problem is now reduced to proving that 
the expression (z 2 + y 2 ){z 2 — y 2 ) cannot be a square, with y, z relatively prime 
and having distinct parities. This has been already shown in subsection l2.2l when 
proving Diophantus' 20th problem with infinite descent. More precisely, we are 
exactly in the conditions of equation (@J, where to, n are relatively prime and 
have distinct parities (since p and q have distinct parities) . 



3 Formalization 

3.1 Generalities 

As mentioned in the introduction, we used the Coq proof assistant (latest version 
V8.0 IS]) to carry out the entire formalization of Diophantus' 20th problem. This 
choice was essentially motivated by some of the recent improvements proposed by 
this version of Coq. Amongst other features, we were attracted by the complete 
revision of the concrete syntax which appears more homogeneous and which 
allows us to get a kind of overloading with a system of scopes. In particular, 
for number theory, this is quite appropriate because we have exactly the same 
notations (e.g. for 0, 1, +, *, etc) over DM, Z, Q or R. Despite the fact that 
the proof style and the level of automation provided by Coq is not as suitable 
as could be expected for mathematical developments, this release does clearly 
represent a step toward a more mathematician-friendly framework. 

Regarding the formalization, it was also necessary to make some choices es- 
sentially motivated by the developments provided by the standard library of Coq 



as well as the level of automation offered by the system. For example, as seen 
in section |21 the theorem deals only with natural numbers but we use many ex- 
pressions with the opposite - (together with appropriate side conditions ensuring 
that the corresponding expressions are always natural numbers; see equation ©, 
for example) and as IN is only a semi-ring, the automation strategy over rings 
(tactic Ring) does not work as expected (it does not simplify expressions in- 
volving the opposite). As a consequence, many algebraic simplifications must 
be carried out manually using the appropriate combination of rewritings. This 
tends to slow down the development significantly and we decided to use Z (with 
some additional non-negativity conditions) instead of IN . In this way, the theorem 
is formally the same and we get a full automation for algebraic manipulations 
(the tactic Ring does work as expected). Another point which had to be dealt 
with is that Coq's standard library does not provide a rational number theory 
(used in the proof of theorem QJ. Actually, there are several libraries of rationals 
(contributed by some Coq users), but no standard tends to emerge and espe- 
cially none of them is related to the classical real number theory provided by the 
standard library. To work around this problem, we considered the real number 
library and we used an ad hoc rational predicate (considering that a rational 
number is a real number expressed as a fraction of two integers), which was 
quite sufficient to deal with our proof. 

In the following, we present an outline of our formalization which has been 
separated in three significant parts: the characterization of Pythagorean triples, 
the application of infinite descent and the proof of Fermat's last theorem for 
n = 4. The whole development is available as a Coq contribution [2j. For informa- 
tion, this contribution involves about 2000 lines of code and took the equivalent 
of two months of development. 

3.2 Pythagorean triples 

The proof in Coq of theorem ^ follows exactly the steps described in subsec- 
tion [231 (trying to characterize the non-negative rational coordinates of the unit 
circle) . We do not give all the intermediary lemmas necessary to build the proof 
and here are the two main lemmas (step 6) which allows us to conclude: 

Lemma pytha_thml : forall a b c : Z, 
(is_pytha a b c) -> (pytha_set a b c) . 

Lemma pytha_thm2 : forall a b c : Z, 
(pytha_set a b c) -> (is_pytha a b c) . 

where is_pytha is the Pythagorean triple predicate (corresponding to S) 
and pytha_set is the set of Pythagorean triples (corresponding to T), which 
are defined as follows: 

Definition pos_triple (a b c : Z) := 
(a >= 0) A (b >= 0) A (c >= 0) . 



Definition is_pytha (a b c : Z) := 

(pos_triple abc) /\a*a+b*b=c*c. 

Definition cond_pqb (p q : Z) := 

p >= A q > A p <= q A (rel_prime p q) . 

Definition distinct_parity (a b : Z) := 

(Zeven a) A (Zodd b) \/ (Zodd a) A (Zeven b) . 

Definition cond_pq (p q : Z) := cond_pqb p q A (distinct_parity p q) . 

Definition pytha_set (abc : Z) := 

exists p : Z, exists q : Z, exists m : Z, 

(a = m * (q * q - p * p) A b = 2 * m * (p * q) \/ 
a = 2*m* (p * q) A b = a * (q * q - p * p)) /\ 
c = m * (p * p + q * q) A m >= A (cond_pq p q) . 

where Z corresponds to Z, Zeven/Zodd are respectively the even/odd pred- 
icates over Z (predefined in the Coq library) and rel_prime is the relatively 
prime predicate over Z (also predefined). 

3.3 Infinite descent 

Infinite descent and induction Historically, infinite descent |4l21ll()j . in- 
vented in the 17th century by Fermat, is one of the first explicit uses of reason- 
ing by induction 2 (over natural numbers) in a mathematical proof (around the 
same time, Blaise Pascal used a similar principle to prove properties for num- 
bers in his triangle). Nevertheless, as claimed in (221, some tend to think that 
this principle was, in fact, already used by the ancient Greeks (in particular, by 
the Pythagorean mathematician Hippasos of Metapont in the proof of the irra- 
tionality of the golden number §(1 + a/5)) in the 5th century BC, and thus, long 
before Fermat, who simply reinvented it. Formally, Fermat 's induction schema 
can be expressed in a general way as follows: 

(Vx.P(x) 3y.y < x f\ P{y)) =*> Vx.^P(x) (7) 

where the relation -< is supposed to be well-founded. 

This schema is quite appropriate to establish universally false properties (in 
particular, Diophantus' 20th problem) but even if it appears that Fermat failed to 
adapt it to prove universally true properties 3 , this principle is, in fact, equivalent 

2 Here, by induction, we mean complete induction (or mathematical induction), in 
contrast to incomplete induction, which was used in Fermat's time to establish con- 
jectures and which simply consisted in verifying the validity of a proposition over IN 
for the first values of IN. 

3 Actually, as can be noticed in a work sent to Christiaan Huygens via Pierre de Carcavi 
(see |21l4llf)j i. Fermat succeeded in using the descent to answer positive questions, 
operating a kind of -"^-translation over the statement, more or less easily in some 



to Noetherian induction |3I22| . which allows us to prove properties positively and 
which is the following: 

(Vx.(Vy.y -< x P(y)) => P(x)) \/x.P{x) 

where the relation -< is supposed to be well-founded. 

Thus, to apply one or the other of these schemas to our proof (see subsec- 
tion !2.2l) . we only have to prove that the relation lZ(x, y)(x', y') = x + y < x' + y' 
(over DM) is well-founded. This is trivially done using a compatibility lemma 
related to the relation < (predefined in the Coq library), i.e. if there exists a 
function / s.t. lZ(x,y) f(x) < f(y) then 1Z is well-founded. Here, in our case, 
the function is simply f(x, y) = x + y. 

Development The formalization in Coq of Diophantus' 20th problem follows 
the steps described in subsection 12.21 and to conclude, we use the infinite de- 
scent schema. As said previously, for the infinite descent principle, we started 
proving the Noetherian induction lemma adapted to our proof (using the well- 
foundedness induction schema provided by the library of Coq, as well as the proof 
that the relation given previously is well-founded) and then we deduced the in- 
finite descent lemma. Here are some of the corresponding lemmas (we proved 
the infinite descent schema for IN and we generalized it, with non-negativity side 
conditions, to work over Z): 

Lemma noetherian : forall P : nat * nat -> Prop, 
(forall z : nat * nat, (forall y : nat * nat, 

(fst(y) + snd(y) < fst(z) + snd(z) )'/.nat -> P y) -> P z) -> 
forall x : nat * nat, P x. 

Lemma inf inite_descent_nat : forall P : nat * nat -> Prop, 
(forall x : nat * nat, (P x -> exists y : nat * nat, 

(fst(y) + snd(y) < fst(x) + snd(x) )'/,nat A P y) ) -> 
forall x : nat * nat, ~(P x) . 

Lemma inf inite_descent : forall P : Z -> Z -> Prop, 
(forall xl x2 : Z, <= xl -> <= x2 -> 

(P xl x2 -> exists yl : Z, exists y2 : Z , <= yl /\ <= y2 A 
yl + y2 < xl + x2 A P yl y2)) -> 
forall x y: Z, <= x -> <= y -> ~(P x y) . 

where the notation °/,nat is used to switch to the arithmetic scope of nat (the 
default scope has been set for Z), the symbol * is the Cartesian product and 
f st/snd are respectively the first/second components of a couple. 

cases (for example, every prime number of the form 4n + 1 is the sum of two squares) 
and quite painfully in some others (such as, every number is a square or composed 
of two, three or four squares). However, he never used a positive induction schema 
to do so. 



Next, here are four lemmas corresponding to the propositions stated in the 
preliminaries of subsection 12.21 (as said in this subsection, Gauss's theorem has 
already been proved in Coq and is part of the standard library) : 

Lemma propl : forall m n : Z, rel_prime m n -> distinct_parity m n -> 
rel_prime (m + n) (m - n) . 

Lemma prop2 : forall m n : Z, rel_prime m n -> 

rel_prime (m * m) (n * n) A rel_prime m (m * m - n * n) . 

Lemma prop3 : forall m n : Z, rel_prime (m * m) (n * n) -> rel_prime m n. 

Lemma prop4 : forall p q : Z, <= p -> <= q -> rel_prime p q -> 
is_sqr (p * q) -> is_sqr p /\ is_sqr q. 

where is_sqr is the square predicate defined as follows: 

Definition is_sqr (n : Z) : Prop := 

<= n -> exists i : Z, i*i=n/\0<=i. 

Finally, here are the two main lemmas, a refined version of the problem (i.e. 
looking for p, q s.t. pq(q 2 — p 2 ) is a square) and the final problem: 

Lemma diophantus20_ref ined : forall p q : Z, 

p > -> q > -> p <= q -> rel_prime p q -> distinct_parity p q -> 
~is_sqr (p * (q * (q * q - p * p) ) ) . 

Lemma diophantus20 : 

"(exists x : Z, exists y : Z, exists z : Z, exists t : Z, 

0<x/\0<y/\0<z/\0<t/\x*x+y*y=z*z/\ 
x*y=2* (t*t)). 

3.4 Fermat's last theorem for n — 4 

The formalization in Coq of Fermat's last theorem for n = 4 follows the proof 
described in suhsection l2.3l As previously stated, the idea is to use the refutation 
of equation J3J, established by the descent in the proof of Diophantus' 20th 
problem and expressed as follows: 

Lemma diophantus20_equiv : forall y z : Z, 

y > -> z > -> y <= z -> rel_prime y z -> distinct_parity y z -> 
~is_sqr ((z*z+y*y) * (z*z-y*y)). 

Here are the main lemma as well as a refined version making the application 
of the previous lemma possible: 

Lemma f ermat4_weak: 

"(exists x : Z, exists y : Z, exists z : Z, 

0<x/\0<y/\0<z/\ rel_prime y z /\ distinct_parity y z /\ 
x*x*x*x + y*y*y*y = z*z*z*z). 



Lemma fermat4: 

"(exists x : Z, exists y : Z, exists z : Z, 
0<x/\0<y/\0<z/\ 

x*x*x*x + y*y*y*y = z*z*z*z). 

4 Conclusion 

4.1 Related proofs and formalizations 

One of the most significant related proofs is certainly John Harrison's work, who 
did the same formalization in HOL90 (an old implementation of the HOL [7 J 
system). Actually, it is not exactly the same especially regarding the proof of 
Pythagorean triples (theorem^, which, as seen in suhsection l2.il is based on the 
characterization of the rational points of the unit circle. Moreover, the formaliza- 
tion described here is fully constructive in contrast to Harrison's; we do not use 
the excluded middle or any form of the axiom of choice (the real numbers we use 
are classical but this could be avoided relying on a constructive formalization of 
real numbers or more appropriately of rational numbers; unfortunately, none of 
these formalizations are standard theories in Coq). 

In Coq, some non trivial proofs regarding number theory have been also 
developed (as user contributions, see For example, Olga Caprotti and Mar- 
tijn Oostdijk formalized Pocklington's criterion for checking primality for large 
natural numbers (their development includes also a proof of Fermat's little theo- 
rem) . Valerie Menissier-Morain also developed a proof of Chinese lemma (related 
to the notion of congruence) and finally, Laurent Thery [19; formalized the cor- 
rectness proof of Knuth's algorithm which gives the first n prime numbers. 

In other theorem provers, the Mizar system (20] provides a large library of 
formalizations (the Mizar Mathematical Library). In particular, a subset of this 
library is dedicated to Mathematics and is edited as the collection entitled For- 
malized Mathematics 0, which contains many developments regarding number 
theory. In HOL (and variants), Joe Hurd formalized the Miller- Rabin proba- 
bilistic primality test and John Harrison is developing the Agrawal-Kayal-Saxena 
primality test. Finally, in Isabelle ^S], the project directed by Jeremy Avigad [llj 
at Carnegie Mellon University aims at developing Mathematics in Isa belle's 
higher-order logic and is focusing, in particular, on extending the number theory 
library of the Isabelle system. 

4.2 Extensions 

As far as the authors know, this work is one of the first formalizations (together 
with Harrison's) of a proof based on the infinite descent principle (other formal- 
izations must certainly use Noetherian inductions but they are not expressed 
in the infinite descent way). This opens up some possibilities of re-using this 
method, which can be easily generalized to any well-founded relation, for some 



other proofs which may be appropriate for this kind of reasoning (essentially uni- 
versally false properties). As examples, we have another historical proof, which 
is the proof of Fermat's last theorem for n = 3 [§] (which is, in fact, the basic 
case if we try to prove Fermat's last theorem by induction). The proof (maybe 
by Fermat and later by Euler and Gauss independently) also uses the principle 
of infinite descent but is longer and far more technical than that for n = 4. This 
should not be considered as surprising: induction can be applied trivially in some 
proofs whereas in some others, it turns out to be tricky to make it work and this 
is also true for the infinite descent schema. Also, it would be possible to adapt 
the method to formalize other proofs (equally historical) of the same theorem for 
other specific values of n (n = 5, n = 7, etc), which similarly use the descent and 
which essentially come from attempts to prove the theorem in the general case 
(in this situation, it may appear surprising that the breakthrough came from a 
link with algebraic geometry and did not use any kind of induction). But, more 
generally, as pointed out in [2D, infinite descent is the method par excellence 
in number theory and in Diophantine analysis. In this way, some other projects 
could be Fermat's equation |lr)l8l21lifl] (also wrongly called Pell's equation in 
older writings; i.e. the equation x 2 — Ny 2 = 1 has infinitely many solutions in 
Z if N > 1 and is not a square), where the method of descent could be used 
to get a proof of existence (but not to compute solutions), or, more ambitiously 
and also more modern, the proof of Mordell's theorem [21 (the group of rational 
points of an elliptic curve is always finitely generated), where the descent has 
been refined to be applied. 
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